2.1 Transport

The client, server, or proxy MAY impose additional requirements on authentication as part of the transfer. In these cases, authentication information MUST be exchanged between the client, server, and proxy as required by HTTP and the relevant authentication protocol.<1>